Demo

Automated All-in-One OS Command Injection and Exploitation Tool.

Commix (short for [comm]and [i]njection e[x]ploiter) is an automated tool written by Anastasios Stasinopoulos (@ancst) that can be used from web developers, penetration testers or even security researchers in order to test web-based applications with the view to find bugs, errors or vulnerabilities related to command injection attacks. The Commix Project uses GitHub to host its source code and to track issues.

Easy to Use

It is very easy to find and exploit a command injection vulnerability in a certain vulnerable parameter or HTTP header(s).